On Tue, Nov 18, 2014, at 10:45 AM, Zack Weinberg wrote:
On Tue, Nov 18, 2014 at 11:15 AM, Toralf Förster toralf.foerster@gmx.de wrote:
On 11/18/2014 04:28 PM, Jeroen Massar wrote:
People should realize though that it is not 'safer' in any way running SSH on another port.
But it is (slightly) more expensive - which counts, or ?
In my limited experience, moving SSH to another port made no apparent difference to the number of random attempts to break in. I'd recommend fail2ban or equivalent instead.
In my equally limited experience, my piddly middle relay went from about 100 SSH related fail2bans/day to zero when I changed the port. I fully recognize changing the port is mere obfuscation (I use public key anyways), but I just got tired of seeing the same list of abusers (China, Russia) in the logs every single day.
Now if only those open proxy scanners would stop hitting port 80 on my tor-project mirror--24hr bans don't seem to have any impact.